Agree with Michael,
My start/stop scripts all now do a configtest before trying to
stop/start apache - this way I never have no service if something goes
wrong!
I do have a forcestop which will stop an apache if the config is wrong -
as a last resort!
James
On 01/05/2016 14:27, Michael A. Peters wrote:
> On 05/01/2016 06:19 AM, Florian Lindner wrote:
>> Hello,
>>
>> in my server configuration users can place their own SSL certificate in
>> predefined directories. A daily cron script detects them, updates the
>> apache
>> config and restarts the server.
>>
>> However, if there is a problem with the certificate or key file, the
>> apache
>> refused to work altogether.
>>
>> Is it possible to make apache disable only the problematic vhost
>> instead of
>> refusing to start?
>
> What you probably need to do is validate the certificates before
> updating the apache configuration file. The TLS library (e.g. openssl)
> probably can do that, though I'm not familiar with the specific
> argument you would need.
>
> Apache also has a check that can test whether or not apache will
> successfully start, that you can run before restarting the server.
>
> apachectl configtest
>
> I believe is the command.
>
> I'm not sure it tests all the TLS certs but if it doesn't, it is a bug
> in my mind.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
--
The Wellcome Trust Sanger Institute is operated by Genome Research
Limited, a charity registered in England with number 1021457 and a
company registered in England with number 2742969, whose registered
office is 215 Euston Road, London, NW1 2BE.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org